<?php

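// Profile-field / comment update endpoint.
//
// POST parameters read here:
//   chaine - the new value (or the comment text)
//   type   - which field to change: prenom, nom, datenaiss, mail or comment
//   id     - event id, only read when type is "comment"
//
// Output: "true" after a successful profile update, "false" when the request
// is rejected or a query fails, nothing for an invalid date or an unknown
// type, and the refreshed comment list as HTML when type is "comment".
//
// Security notes:
//  - Every request or session value placed in a SQL string is escaped with
//    mysql_real_escape_string() or cast to int. The earlier code relied on
//    htmlspecialchars() (which leaves single quotes alone in its default
//    mode) and interpolated $_POST['id'] unescaped.
//  - Query errors are written to the server log instead of being sent to
//    the client, so schema details are not disclosed in responses.
//  - Values read back from the database are encoded for the HTML context
//    they are printed in.
//  - NOTE(review): mysql_real_escape_string() is only charset-safe when the
//    connection charset was set with mysql_set_charset(); the connection is
//    opened in ../connectBDD.php, which is not visible here - verify.
//  - NOTE(review): ext/mysql no longer exists in PHP 7+. Moving to PDO or
//    mysqli prepared statements requires changing ../connectBDD.php too.
//  - NOTE(review): no anti-CSRF token is checked in this script although it
//    changes state on POST - confirm whether one is enforced elsewhere.
session_start();
include_once '../connectBDD.php';
include '../utils/verificateurDate.class.php';

// Array-valued or missing parameters are treated as empty so the string
// functions below never receive a non-string.
$chaineBrute = (isset($_POST['chaine']) && is_string($_POST['chaine'])) ? $_POST['chaine'] : '';
$type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';

// Values are stored HTML-encoded, as before, so pages that print them as
// stored keep working. This encoding is NOT what protects the SQL below.
$chaine = htmlspecialchars($chaineBrute);

if (!isset($_SESSION['login']) || trim($chaine) === '') {
    exit("false");
}

$loginSql = mysql_real_escape_string((string) $_SESSION['login']);
$chaineSql = mysql_real_escape_string($chaine);

// NOTE(review): the name queries target table `User` while the other queries
// use `user`. MySQL table names are case-sensitive on case-sensitive file
// systems, so one spelling may be wrong there - confirm against the schema.
$requeteMaj = null;
if ($type === "nom") {
    // TODO: add validation checks for the submitted name
    $requeteMaj = "update User set last_name='" . $chaineSql . "' where login = '" . $loginSql . "'";
} elseif ($type === "prenom") {
    // TODO: add validation checks for the submitted name
    $requeteMaj = "update User set first_name='" . $chaineSql . "' where login = '" . $loginSql . "'";
} elseif ($type === "datenaiss") {
    $verifDate = new verificateurDate($chaine);
    if (!$verifDate->estValide(false)) {
        // An invalid date produces no output, as before.
        exit;
    }
    // The helper's output is escaped as well: its format is defined in
    // another file and cannot be checked from here.
    $dateSql = mysql_real_escape_string((string) $verifDate->getDateCompatibleBDD());
    $requeteMaj = "update user set birthdate = '" . $dateSql . "' where login = '" . $loginSql . "'";
} elseif ($type === "mail") {
    // NOTE(review): the address format is not validated before it is stored.
    $requeteMaj = "update user set mail = '" . $chaineSql . "' where login = '" . $loginSql . "'";
}

if ($requeteMaj !== null) {
    if (mysql_query($requeteMaj) === false) {
        error_log('profile update failed: ' . mysql_error());
        exit("false");
    }
    echo "true";
    exit;
}

if ($type !== "comment") {
    // Unknown type: nothing to do and nothing printed, as before.
    exit;
}

// The event id is used in SQL and in a javascript: link below, so only a
// plain decimal number is accepted.
$idBrut = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
if (!ctype_digit($idBrut)) {
    exit("false");
}
$idEvent = (int) $idBrut;

$dateTime = date_format(new DateTime(), 'Y-m-d H:i:s');
$query = "insert into comments (login,id_event,comment,dateTime) values ('" . $loginSql . "', '" . $idEvent . "','" . $chaineSql . "','" . $dateTime . "')";
if (mysql_query($query) === false) {
    error_log('comment insert failed: ' . mysql_error());
    exit("false");
}

// Print the refreshed comment list for this event, newest first.
$query = "SELECT c.id_comment, c.comment, c.login, c.dateTime, u.avatar_path FROM comments c, user u WHERE c.login = u.login and c.id_event = $idEvent ORDER BY c.dateTime desc";
$result3 = mysql_query($query);
if ($result3 === false) {
    // Stop here: the fetch loop cannot run on a failed query.
    error_log('comment list query failed: ' . mysql_error());
    exit("false");
}

while ($rows = mysql_fetch_assoc($result3)) {
    $auteur = (string) $rows['login'];
    $auteurHtml = htmlspecialchars($auteur, ENT_QUOTES);
    $avatarHtml = htmlspecialchars((string) $rows['avatar_path'], ENT_QUOTES);
    // id_comment ends up inside a javascript: URL; the int cast assumes it
    // is a numeric key - TODO confirm against the comments table.
    $idCommentaire = (int) $rows['id_comment'];
    // Comments written by this script are already HTML-encoded, so decoding
    // and re-encoding returns them unchanged, while a row stored raw by any
    // other writer is neutralised instead of being printed as markup.
    $commentaireHtml = htmlspecialchars(htmlspecialchars_decode((string) $rows['comment']));

    echo "
                         <div class='commentaire'>
                            <div id='petite_image'>
                                <img src='" . $avatarHtml . "' width='50px' height='50px' />
                            </div>";
    // Only the author of a comment gets the delete link.
    if ((string) $_SESSION['login'] === $auteur) {
        echo "<a class='croix_ferm' href=\"javascript:supprimerCommentaire('" . $idCommentaire . "', $idEvent, 'utilisateur')\"><img src='images/picto_croix.gif'/></a>";
    }
    echo "<div id='blockLoginMP'>
                                <div id='login_msg'>
                                    <a href='profil.php?login=" . urlencode($auteur) . "'>" . $auteurHtml . "</a>
                                     <span class='heure_msg'>" . date_format(new DateTime($rows['dateTime']), 'd/m/Y à H:i:s') . "</span>
                                </div>
                                
                            </div><br style='clear:both'/>
                            <div id='comment_content'><p>" . $commentaireHtml . "</p></div>
                        </div>";
}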
?>
